Drudge Retort: The Other Side of the News
Monday, January 08, 2018

Zeynep Tufekci: For computer security professionals, 2018 started with a bang. A new class of security vulnerability -- a variety of flaws that affect almost all major microprocessor chips, and that could enable hackers to steal information from personal computers as well as cloud computing services -- was announced on Wednesday. The news prompted a rush of fixes, ruining the holiday vacations of system administrators worldwide. For an ordinary computer user, there is not much to panic about right now. Just keep your software updated so you receive the fixes. And consider installing an ad-blocker like uBlock Origin to protect against ads that carry malware that could exploit these vulnerabilities. That is about all you can do. However, as a citizen of a world in which digital technology is increasingly integrated into all objects -- not just phones but also cars, baby monitors and so on -- it is past time to panic.

Advertisement

Advertisement

More

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

"Just keep your software updated so you receive the fixes."

Fixes or Enhancements?

#1 | Posted by bat4255 at 2018-01-09 08:19 AM | Reply

Thanks for the tip

#2 | Posted by bayviking at 2018-01-09 08:57 AM | Reply

Decent opinion piece but, in reality, this vulnerability is only exploitable by user action. A user has to visit a malicious site or install malicious code (now that it's public, that may change considering the nature of the threat but for now, it is not self-propagating). And this is where it gets really ugly. Saying something like the companies need to be held accountable is true to some degree, but it is true in the same degree as the users of the computers. But all the bleeding hearts never like to hear that. This is exactly like debit card fraud. People were giving out their PINs (and still do) or being very stupid with their cards so other people can use them. Instead of creating regulations to better educate people and to hold them accountable, they passed Reg E which puts all of the onus on the financial institutions. If the author truly cared about security she wouldn't have focused so hard on companies being the problem and spread the blame across the board. But, of course, we can't bring back personal responsibility now after it's been shunned in America so long, so we have to blame anyone but the person who refuses to increase their security awareness because, hey, he has shiny things he has to focus on like how to hate the POTUS in office at the time.

#3 | Posted by humtake at 2018-01-09 11:52 AM | Reply

we can't bring back personal responsibility

That is ripe.

#4 | Posted by 726 at 2018-01-09 12:21 PM | Reply

He's Correct, 726...

I've always said I'm not afraid of a hacker, I'm afraid of the idiots behind my firewall..

#5 | Posted by boaz at 2018-01-09 04:06 PM | Reply

But, of course, we can't bring back personal responsibility now after it's been shunned in America so long, so we have to blame anyone but the person who refuses to increase their security awareness because, hey, he has shiny things he has to focus on like how to hate the POTUS in office at the time.

#3 | Posted by humtake

What a load of Malarkey. Conservaturds are so full of it.

Users do need to be responsible but they also need to be made aware these things are happening and how to protect themselves.

Even our President won't admit these things are happening and that they are being done by powers hostile to our Democracy. These efforts at security awareness should come from the top.

How do you take personal responsibility for malicious code when you are not even aware it is being downloaded?

The software should protect you from that. If you click on a link and code is attempting to download your computer it should be asking you if you are ok with it.

Systems can be configured to be this way but it does not come out of the box that way and many users have no idea how to do these things themselves. Does everyone have to have a computer science degree before they can use one? Do car drivers need to be full auto mechanics to drive a car?

Companies DO have a responsibility to secure their devices. Sometimes my friend, regulations ARE needed to help protect consumers.

#6 | Posted by donnerboy at 2018-01-09 04:24 PM | Reply | Newsworthy 1

- Companies DO have a responsibility to secure their devices.

All of our data is already out there. The CIA's worst tools are avail for d/l.

Now 20 y.o. chips which run every pc and net appliance around the globe are vulnerable.

Biometrics is on the way.

#7 | Posted by SheepleSchism at 2018-01-09 06:21 PM | Reply

"How do you take personal responsibility for malicious code when you are not even aware it is being downloaded?"

This is where you fail to realize that you can't get rid of all of anything. To make it clearer, you are right, there are times when you don't know something is being downloaded. However, that is a small portion of cybercrime. The VERY LARGE HUMONGOUS portion that makes cybercrime such a pervasive and worldwide issue is that people are clicking on links or being easily tricked to visit malicious websites. The times when it is not personal responsibility does happen. The times when it is about personal responsibility happen thousands and thousands of times per day (could be more but I'm only going by my industry's metrics).

Also, companies spend a huge chunk of money on security. And yet over 80% of the time, data is breached because someone does something they shouldn't have done. That isn't made up. Then, guess what happens to the employee? Most of the time, they are fired yet the company has to pay huge sums of money because of the breach. The company takes responsibility for the issue. The person doesn't or they wouldn't have clicked on the link from the Nigerian prince. Thank you.

#8 | Posted by humtake at 2018-01-10 12:04 PM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2018 World Readable

Drudge Retort